Payment Fraud Integration

Sending Device Info

On this page:

Comprehensive fraud protection begins with customer pre-purchase behaviour. Ravelin utilises signals from customer devices, current browsing session and activity during the checkout process to help differentiate bad actors from legitimate customers. The data acquired from these libraries is critical to our ability to provide informed payment fraud recommendations.

Ravelin provides JavaScript, Android and iOS client-side libraries which can generate and gather this customer device data on both web and mobile platforms.

Generating a device ID

The primary purpose of our libraries is generating unique device identifiers, referred to by Ravelin as Device IDs. Device IDs are consistent for different customers using the same device, allowing us to track when a single device is used to access multiple customer accounts on your platform. The Device ID is used to populate our graph networks with connections between customers who are identified as having shared the same device.

The reliability of the Device ID is paramount. An incorrectly assigned Device ID results in unrelated customers becoming connected in the network. For this reason, Ravelin insists you use our libraries for generating Device IDs.

If for whatever reason, you are unable to integrate one of our libraries to fulfill this purpose, we do not recommend generating and submitting your own Device IDs.

Session tracking

Ravelin refers to the activities of your customers while using your service as sessions. There are several suspicious actions a fraudster is likely to perform during these sessions that our libraries can help identify and track.

Our libraries track these suspicious actions and directly notify our servers on their occurrence, as well as provide the ability for you to track and submit events custom to your platform.

Client-side card encryption

For merchants who wish to maintain their PCI compliance at SAQ-A or SAQ-AEP, and therefore do not wish to handle full PANs on their servers, our libraries offer client-side encryption functionality for securely submitting credit card information from your website or mobile app to our servers without expanding your PCI scope.

Without use of client-side encryption, SAQ-A and SAQ-AEP merchants may struggle to provide accurate and detailed card information to Ravelin pre-authorisation.

Next steps

Learn how to integrate our ravelinjs JavaScript library into your website

Learn how to integrate our Android SDK into your Android app

Learn how to integrate our iOS SDK into your iOS app